Narayanan, Vidya wrote:
So, I assume that the issue with using 802.11i/WPA2 would be that it
requires an upgrade of APs? If EAPoUDP (as being discussed without any
keys for data traffic protection) were to be used, you would still have
to perform the MAC address-based access control to provide an equivalent
level of security as you have now. The only advantage then is the user
being prompted for a password as opposed to web-based login - perhaps
that is still a reasonable advantage, I am not sure.
The replacement of web-based logins would indeed be very useful,
because it assumes that web is being used and can be used.
If a voice over IP phone moved from one network to another during
a call, the user would not be pleased if a web login page appeared.
Particularly if the user was in a call or the device had no screen
that can reasonably run web :-) The user would probably be
even less pleased if no login page appeared but packets
stopped flowing.
But its true that non-web-based logins can be achieved in
multiple ways.
--Jari
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf